The output as the following. Meanwhile, the aa-logprof will scan the syslog forever and never stop.
I have been filed the bug for aa-logprof. However, one of the developer says that the bug has been
fixed in the upstream.
----------------------------------------
samiux@croissants:~$ sudo aa-genprof suricata
Writing updated profile for /usr/bin/suricata.
Setting /usr/bin/suricata to complain mode.
Before you begin, you may wish to check if a
profile already exists for the application you
wish to confine. See the following wiki page for
more information: http://wiki.apparmor.net/index.php/Profiles
Please start the application to be profiled in
another window and exercise its functionality now.
Once completed, select the "Scan" option below in
order to scan the system logs for AppArmor events.
For each AppArmor event, you will be given the
opportunity to choose whether the access should be
allowed or denied.
Profiling: /usr/bin/suricata
[(S)can system log for AppArmor events] / (F)inish
Reading log entries from /var/log/syslog.
Updating AppArmor profiles in /etc/apparmor.d.
Traceback (most recent call last):
File "/usr/sbin/aa-genprof", line 150, in <module>
lp_ret = apparmor.do_logprof_pass(logmark, passno)
File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2246, in do_logprof_pass
read_profiles()
File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2564, in read_profiles
read_profile(profile_dir + '/' + file, True)
File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2590, in read_profile
profile_data = parse_profile_data(data, file, 0)
File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2700, in parse_profile_data
filelist[file]['profiles'][profile][hat] = True
TypeError: 'bool' object does not support item assignment
The output as the following. Meanwhile, the aa-logprof will scan the syslog forever and never stop.
I have been filed the bug for aa-logprof. However, one of the developer says that the bug has been
fixed in the upstream.
------- ------- ------- ------- ------- -----
samiux@ croissants: ~$ sudo aa-genprof suricata
Writing updated profile for /usr/bin/suricata.
Setting /usr/bin/suricata to complain mode.
Before you begin, you may wish to check if a wiki.apparmor. net/index. php/Profiles
profile already exists for the application you
wish to confine. See the following wiki page for
more information:
http://
Please start the application to be profiled in
another window and exercise its functionality now.
Once completed, select the "Scan" option below in
order to scan the system logs for AppArmor events.
For each AppArmor event, you will be given the
opportunity to choose whether the access should be
allowed or denied.
Profiling: /usr/bin/suricata
[(S)can system log for AppArmor events] / (F)inish aa-genprof" , line 150, in <module> do_logprof_ pass(logmark, passno) python3/ dist-packages/ apparmor/ aa.py", line 2246, in do_logprof_pass python3/ dist-packages/ apparmor/ aa.py", line 2564, in read_profiles profile( profile_ dir + '/' + file, True) python3/ dist-packages/ apparmor/ aa.py", line 2590, in read_profile data(data, file, 0) python3/ dist-packages/ apparmor/ aa.py", line 2700, in parse_profile_data file][' profiles' ][profile] [hat] = True
Reading log entries from /var/log/syslog.
Updating AppArmor profiles in /etc/apparmor.d.
Traceback (most recent call last):
File "/usr/sbin/
lp_ret = apparmor.
File "/usr/lib/
read_profiles()
File "/usr/lib/
read_
File "/usr/lib/
profile_data = parse_profile_
File "/usr/lib/
filelist[
TypeError: 'bool' object does not support item assignment
------- ------- ------- ------- ------- ------- ------